def update(id): entity = obj_or_404(Entity.by_id(id)) authz.require(authz.collection_write(entity.collection_id)) data = EntityForm().deserialize(request_data()) authz.require(data['list']) authz.require(authz.collection_write(data['list'].id)) entity.update(data) db.session.commit() return view(entity.id)
def update(id): authz.require(authz.collection_write(id)) coll = obj_or_404(Collection.by_id(id)) coll.update(request_data(), current_user) db.session.add(coll) db.session.commit() return view(id)
def create(): data = EntityForm().deserialize(request_data()) authz.require(data['collection']) authz.require(authz.collection_write(data['collection'].id)) entity = Entity.create(data, current_user) db.session.commit() return view(entity.id)
def index(): q = Collection.all_by_user(current_user) data = Pager(q).to_dict() results = [] for lst in data.pop('results'): ldata = lst.to_dict() ldata['permissions'] = {'write': authz.collection_write(lst.id)} results.append(ldata) data['results'] = results return jsonify(data)
def index(): q = Collection.all_by_user(current_user) data = Pager(q).to_dict() results = [] for lst in data.pop('results'): ldata = lst.to_dict() ldata['permissions'] = { 'write': authz.collection_write(lst.id) } results.append(ldata) data['results'] = results return jsonify(data)
def delete(id): authz.require(authz.collection_write(id)) coll = obj_or_404(Collection.by_id(id)) coll.delete() db.session.commit() return jsonify({'status': 'ok'})
def view(id): authz.require(authz.collection_read(id)) coll = obj_or_404(Collection.by_id(id)) data = coll.to_dict() data['can_write'] = authz.collection_write(id) return jsonify(data)
def delete(id): entity = obj_or_404(Entity.by_id(id)) authz.require(authz.collection_write(entity.collection_id)) entity.delete() db.session.commit() return jsonify({'status': 'ok'})